lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: kruse at krusesecurity.dk (Peter Kruse) Subject: SV: MS03-039 has been released - critical Hi, > "The new DoS vulnerability was disclosed by a hacking group > in China on July 25, 2003, and functional exploit code is > already in use on the Internet. " This is well known. However it?s not the BoF exploit. Yet again, the detailed advisory from Eeye makes it fairly easy to write a working exploit. Although I haven?t seen a PoC yet I would expect it to be release shortly. It?s a bit harder to exploit than the previous RPC Dcom weakness but it?s certainly possible. Please note that Eeye has already released an update for Retina Security Scanner and I suppose every script kid, cracker or hacker should be able to sniff to code from Retina going to a remote vulnerable host. You think? CHAM, yeah? I suggest we update RPC - again. Med venlig hilsen // Kind regards Peter Kruse Kruse Security http://www.krusesecurity.dk
Powered by blists - more mailing lists